52 Things: Number 41: Are all side-channels related to power analysis?
This is the latest in a series of blog posts to address the list of '52 Things Every PhD Student Should Know' to do Cryptography: a set of questions compiled to give PhD candidates a sense of what they should know by the end of their first year. In this post (spoiler alert!) we enumerate various flavours of side-channel attacks.

Right, shall we keep this one simple? Side-Channel Attacks (SCA) utilise information acquired in the context of physical implementations of cryptographic algorithms, as opposed to classical cryptanalytic attacks which target theoretical weaknesses. Power analysis is perhaps the most popular flavour of SCA, but it is certainly not the only one.

It would be beyond the scope of this blog to provide a comprehensive list of all side-channels and attack methodologies. Instead, here are some of the most common SCA targets, together with references to simple but clever attacks:
- Power consumption. The instantaneous power consumption of a device can leak information about the processed value, e.g. its Hamming weight. I recommend Mangard's attack on the AES key schedule as a starting point for those interested in Simple Power Analysis (SPA).
- Execution time. Such attacks exploit data-dependent differences in running time of algorithms. A famous target is the square-and-multiply algorithm used in modular exponentiation, for example Kocher's attack. Fun fact: even a constant-time implementation is vulnerable to power attacks.
- Electromagnetic radiation. Apparently, it's rather tricky to get the measurements right for this one, but once that's done -- the attack methodology is similar to Power Attacks. Here's the most cited paper dealing with EMR.
- Other. There is no limit to what can constitute a target for SCA, and that's in part why they are so interesting. Here are some more ideas:
  - an acoustic attack on RSA,
  - an attack that uses visible light emitted from computer LEDs (light-emitting diodes),
  - a smudge attack on smart phone touch screens,
  - an attack exploiting error messages, also known as a padding oracle attack.
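For the execution-time item in the list above, here is an added example (not part of the original post) that counts modular multiplications as a stand-in for running time: textbook square-and-multiply does work proportional to the exponent's Hamming weight, while a Montgomery ladder does a fixed amount per bit. The modulus, base and exponents are constructed sample values, and `hamming_weight_from_ops` is a hypothetical helper name.

```python
# Added illustration: modular-multiplication counts stand in for running time.

def square_and_multiply(base, exponent, modulus):
    """Left-to-right binary exponentiation. Returns (result, ops)."""
    result, ops = 1, 0
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus      # square on every bit
        ops += 1
        if bit == "1":                            # secret-dependent branch
            result = (result * base) % modulus    # multiply on 1-bits only
            ops += 1
    return result, ops


def montgomery_ladder(base, exponent, modulus, bits):
    """One multiply and one square per bit, for a fixed `bits` iterations.

    Returns (result, ops). The branch below is kept for readability; real
    implementations replace it with a branch-free conditional swap.
    """
    r0, r1, ops = 1, base % modulus, 0
    for i in range(bits - 1, -1, -1):
        if (exponent >> i) & 1:
            r0, r1 = (r0 * r1) % modulus, (r1 * r1) % modulus
        else:
            r0, r1 = (r0 * r0) % modulus, (r0 * r1) % modulus
        ops += 2
    return r0, ops


def hamming_weight_from_ops(ops, bit_length):
    """What an observer of square_and_multiply's cost learns about the exponent."""
    return ops - bit_length


# Constructed sample values (not from the post): same bit length, different weight.
MODULUS, BASE, BITS = 1000003, 5, 16
EXPONENTS = (0x8001, 0xFFFF)

if __name__ == "__main__":
    for e in EXPONENTS:
        _, leaky = square_and_multiply(BASE, e, MODULUS)
        _, fixed = montgomery_ladder(BASE, e, MODULUS, BITS)
        print(f"e={e:#06x} square-and-multiply ops={leaky} ladder ops={fixed}")
```

The ladder only removes the dependence of the operation count on the exponent; as the list item notes, a constant-time implementation can still leak through power consumption.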
Writing the above, I realise how it could be unsettling to know or to find out that there are so many loopholes. SCA is very much a cat-and-mouse game, and researchers usually recommend ways to avoid the signaled vulnerabilities.
From: https://www.cnblogs.com/3cH0-Nu1L/p/18107528